Terraform Provider for `cosign`

🚨 This is a work in progress. 🚨

https://registry.terraform.io/providers/mattmoor/cosign

Usage

This provides an cosign_sign and cosign_verify resources that will sign and verify the provided images with cosign.

provider "cosign" {}

# Verify the Chainguard base image against a policy from
# github.com/sigstore/policy-controller.
resource "cosign_verify" "example" {
  image  = "cgr.dev/chainguard/static:latest-glibc"

  # This can also be inlined or fetched from a URL using the "http" data source
  # check out https://github.com/chainguard-dev/policy-catalog for examples!
  policy = file("my-policy.yaml")
}

# This is simply for illustration purposes!
# see: https://github.com/ko-build/terraform-provider-ko
resource "ko_build" "image-build" {
  base_image  = cosign_verify.example.verified_ref
  importpath  = "..."
  repo        = var.where-to-publish
}

# Sign the produced image!
resource "cosign_sign" "example" {
  image = ko_build.image-build.image_ref
}

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
.github		.github
.vscode		.vscode
docs		docs
examples/provider		examples/provider
internal/provider		internal/provider
tools		tools
.gitignore		.gitignore
.goreleaser.yml		.goreleaser.yml
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go
terraform-registry-manifest.json		terraform-registry-manifest.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Terraform Provider for `cosign`

Usage

About

Releases

Packages

Languages

License

mattmoor/terraform-provider-cosign

Folders and files

Latest commit

History

Repository files navigation

Terraform Provider for cosign

Usage

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Terraform Provider for `cosign`

Packages